The present invention relates to card memories, particularly to the provision of memory on a flexible card having an input/output device such as surface contacts. The memory may be read/writable and non-volatile.
There is a general requirement for storing data, particularly personal data, for use in various types of transactions such as health insurance, telephone calls, paying for mass transit, as well as in xe2x80x9cset-upxe2x80x9d boxes for satellite video or pay TV, etc. One way of doing this is digitally. For everyday personal use, such a digital data store should be compact e.g. about as big as a conventional credit card, and must be able to
1) withstand moisturexe2x80x94at least quick immersion and/or high humidity levels,
2) withstand dust particles encountered in handbags, coat pockets and wallets without loss of performance,
3) withstand bending without failure, e.g. when forced into a wallet,
4) be UV resistant,
5) withstand electromagnetic and magnetic fields produced by common household devices as well as small magnets without loss of data,
6) to be manufactured in high volumes at a low manufacturing cost.
There are several types of known transportable devices for strong digital data. The ubiquitous xe2x80x9cfloppyxe2x80x9d diskette provides reliable access to 1.44 Mbyte of data storage. Although relatively robust, diskettes still require careful handling and are sensitive to dust and bending. Developments of higher storage capacity have been introduced, for example ZIP drives with capacities over 100 Mbytes. Removable hard drives such as supplied by Syquest Corporation, USA allow the storage of many hundreds of megabytes of data. Neither diskettes nor replaceable hard drives are flexible. They are sensitive to mechanical damage and dust and are not suitable for carrying in a coat pocket, in a wallet or in a lady""s handbag for daily use. They are generally not used with terminals, e.g. Point-of Sale (POS) terminals for financial purposes or with other forms of data transfer, e.g. for use as identification of membership of a health insurance organization.
In addition so-called PCMCIA memory cards are known which include a 68 pin connector at one end, are usually electromagnetically shielded with metal layers on both sides, are not flexible and are about 5 mm thick. PCMCIA cards with the ability to store several megabytes of data are known, for instance, from EP 596 276, U.S. Pat. Nos. 5,293,424, 5,671,367, 5,875,480. PCMCIA cards provide a high quality connector and metallic screening suitable for installation in lap-tops and computers and are highly reliable. However, their construction is expensive and they are not very suitable for daily use in coat pockets, wallets or ladies"" handbags.
Optical CD-ROM""s have developed beyond their original read-only status and rewritable CD-ROM""s are supplied by several companies, e.g. the Hewlett-Packard RW 8100 series. A modification to the basic idea is available which includes placing a CD-ROM type data recording medium on a flexible card, for example, LaserCard(trademark) from Drexler Technology Corporation, USA. The disadvantage of all CD-ROM products is that the data may be corrupted by scratches. This makes them suitable for home storage of data, e.g. for music or video, but the surface is not sufficiently robust for the worst of daily uses.
Credit cards with magnetic stripes are also well know but have a very limited storage capacity. Also the data may be wiped by magnets such as the types used to attach identification badges. Long lengths of magnetic tape have also been used successfully for storing very large amounts of data and are used daily in the form of cassettes for playing music. However, they have not found favor for personal storage of data.
Next generation banking cards include microprocessors accessible through surface contactsxe2x80x94sometimes called xe2x80x9csmartcardsxe2x80x9d. These known devices have a higher memory capacity than a magnetic stripe card but the amount is still limited. The cards are flexible, sealed against moisture and have surface contacts which are not blocked by dust. One disadvantage of the known surface contacts is that high electrical potentials may be generated by static electricity and this may result in loss of data on discharge. To solve this problem card readers have been provided with electrostatic discharge protection as described for instance in U.S. Pat. No. 5,892,216.
Summarizing the above, there is no suitable storage device available for everyday use which is compact, reliable, has a large memory capacity and can be produced economically.
It is an object of the present invention to provide a digital storage device which is suitable for daily personal use.
It is a further object of the present invention to provide a digital storage device which has more storage capacity than smartcards while maintaining their flexibility and robustness.
It is still a further object of the present invention to provide surface contacts for a memory card which are better protected against electrostatic discharges.
One aspect of the present invention is to integrate components into a thin flexible memory card with an input/output device so that the components can cooperate as a compact unit providing environmental sealing and secure access to several Mbytes of digital data. The present invention includes a card memory device comprising: a microprocessor, a plurality of memory units for storage of digital data the memory units being embedded in the card memory device and a selecting device for selecting one of the memory units and for routing address information and data to and/or from the selected memory unit, both the microprocessor and the selecting device being embedded in the card memory device. The card memory device has an input/output device (I/O device) for receiving and for transmitting data. It is not anticipated that the form of the I/O device is a limitation on the present invention. For instance, the I/O device may comprise surface contacts for sliding introduction into a card reader. Alternatively, the card may be contactless and the input/output is via electromagnetic radiation such as radio frequency or infra-red transmission. For radio frequency transmissions the input device will generally comprise an antenna embedded in the card. An infra red input device will generally comprise a photovoltaic cell of some kind for receiving the infra red light and for converting it into electrical signals as well as a transmitting device such as an LED (light emitting diode). The power to drive the electronic components of the card may be provided from the incident electromagnetic radiation or may be provided by a battery. A serial port of the microprocessor is connected to the input device, e.g. to one of the surface contacts. Serial data is entered into or read out of the card memory device through the microprocessor. The microprocessor is preferably a secure single chip microprocessor. A serial data port of the microprocessor is connect to a serial port of the selecting device via a first serial bus. For selecting a memory unit, a parallel port of the selecting device is connected to a parallel port of the microprocessor via a parallel address bus. A parallel portion of a memory storage location (bit) address is output or input via the parallel bus. The selecting device has a plurality of serial ports each one connected to a respective memory unit via a second serial bus. The parallel address portion defines one of the input/output serial ports of the selecting device and its associated serial bus and memory unit. Once the serial bus has been selected the microprocessor then sends serial address information via the first and second busses to define a digital data storage location of the selected memory unit. Memory units may be organized in memory modules, each memory module including a plurality of memory units. Each memory unit may include one or more memory devices, e.g. memory chips.
The present invention also includes a card memory device comprising a first set of surface contacts including a ground contact, a power source contact and a data input and/or output contact, and the first set corresponding to a second set of contacts in a card memory device reader, the ground contact of the first set being arranged to ground any contact of the second set before this reader contact makes contact with any of the powder and/or data contacts. The ground contact serves to discharge any electrostatic potential on the card memory device or on the reader. Preferably, the ground contact on the card memory device surrounds the data contact three sides, e.g. it may be xe2x80x9cUxe2x80x9d shaped. The power contact of the card memory device may close the top of the xe2x80x9cUxe2x80x9d
The present invention includes the use of the card memory device described above for providing secure access to a personal computer. The present invention includes a method of secure operation of a computing device, comprising the use of a first card memory device having a microprocessor and a reader connected to the computing device for reading the first card memory device, the method comprising the steps of: configuring the operating system of the computing device so that operation is limited unless the card memory device is inserted into the reader, generating one or more codes relating to system information of the computing device; comparing the generated codes with other codes in the first card memory device, the other codes indicating validated system data for the computing device; and only allowing further unrestricted operation of the computing device if the generated and stored other codes are the same. The first card memory device is preferably a card memory device according the present invention. In particular, it is preferably thin, flexible and environmentally sealed. Preferably the card memory device has an input device which may be sliding contacts in accordance with an embodiment of the present invention. Alternatively, the input device may be contactless, e.g. a radio frequency wireless input device or an infra-red input device. Preferably, the system data includes references to software and/or hardware installed on the computing device. The method also preferably includes a validation step for validating the system data of the computing device. Preferably, if there is no match of codes, a further card memory device may be used to provide authentication to the computing device to update the first card memory device with revised codes. Preferably, the second card memory device is inhibited for further use after the authentication has been transferred a limited number of times, e.g. once. The computing device may be a personal computer or a terminal attached to a LAN or WAN.
The dependent claims each define a separate and individual embodiment of the present invention. The present invention will now be described with reference to the following drawings.